7.02.18 Dark Web and Cybercrime Roundup

At a conference at Fordham University in New York City, FBI Special Agent Nicholas G. Phirippidis spoke about the operation that brought down Alphabay: Operation Bayonet. The conference featured many speakers from the FBI. Many of the topics made headlines for controversial reasons. For instance, FBI Director Christopher Wray spoke on encryption and called it “a major public safety issue.” FBI Special Agent Phirippidis’ talk proved less inspiring (and less informative) than many of the talks. He detailed some interesting portions of the operation, but also proudly presented a video of law enforcement arresting Alexandre Cazes, the alleged founder of Alphabay.

The information about the investigation itself may not have been poorly received; the Special Agent explained some of the steps law enforcement took to capture Cazes. For instance, in order to grab Cazes’ devices before he locked them or triggered a dead man’s switch. The poorly received part, or the part that some circles received poorly, was the airing of a video and discussion of a man who had never been convicted of the crimes the FBI accused him of committing. Cazes seemingly took his own life while in custody in Thailand and never faced a trial in the United States.

Reddit Banned Several Darknet Market Subreddits

Last week, Reddit mods banned two regional counterparts to the main darknet market subreddit, /r/darknetmarkets. They banned /r/dnmuk, the UK counterpart. They banned /r/DarkNetMarketsoz, the Australian counterpart. They also went after /r/Dream_Market, signaling one of the first marketplace-specific bans. In fairness, the mods struck down more than just darknet market subreddits. They banned /r/glassine, a stamp reviewing subreddit. They went beyond drugs too; Reddit banned /r/fakeid and /r/fakeiduk.

Ultimately, Reddit mods banned the above subreddits and not /r/darknetmarkets for a single reason: sourcing. The main sub is not exempt and may very well be the next subreddit to go, but the subreddit moderators strictly enforce the “no sourcing” rule. All of the above subreddits allowed sourcing or provided specific details on where to physically find illegal substances (glassine). If the main subreddit starts allowing vendors to blatantly post Wickr contact information, all bets are off.

Alphabay Vendors CaliConnect and BTH-Overdose Sentenced to Prison

Both the darknet vendor who used his clearnet email address with his darknet market PGP key and the vendor who attempted to trademark the name of his vendor account received prison sentences on the same day and in the same courtroom. The first vendor, Emil Vladimirov Babadjov aka Blime-Sub aka BTH-Overdose, received a prison sentence of five years and ten months. The second vendor, David Ryan Burchard aka CaliConnect, caught a prison sentence of six years and eight months. Babadjov sold mainly fentanyl, often sold as heroin, and Burchard moved mainly marijuana.

Burchard’s case made headlines for a number of reasons. Even the mainstream media wrote about his attempted trademark that he filed under his real name. They also wrote about his password: asshole209. It did not contribute to his arrest, authorities said. But it would have been an easy password to crack, especially since Burchard lived in area code 209.

Users Cautioned to Avoid Alphabay Lookalike “Empire Market”

Not long ago, another market entered the scene. As with many new markets, this market resembled another. Unlike many new markets, Empire Market used their own code. The design, though, came from Alphabay market. This part was no secret; they launched the market and informed users of the Alphabay similarities simultaneously.

A Reddit user recently pointed out that the market may have a ways to go if it ever intends to be secure. Or if it intends to be free of all basic errors or vulnerabilities, including those a clearnet site could ignore. One Reddit user showed that the market had not properly sanitized some of the more basic variables. “In less than 15 minutes after registering to this market I was able to easily get access to their full database of profiles, as well as some leaked system configuration (Server engine, its version and Operating system).” While not a hack, the Reddit user managed to pull a list of every Empire Market user.

2 comments

Empire… I have no dog in this fight but did you look at the ludicrous “proof” pictures posted by that reddit user? The reddit user was full of sh*!. The only thing he apparently did was iterate the user ID profile page to acquire usernames.